diff options
author | Jakub Jelen <jjelen@redhat.com> | 2022-09-23 18:39:20 +0200 |
---|---|---|
committer | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2022-09-27 08:30:42 +0300 |
commit | 9c828129b2058c3f36e07634637929a54e8377ee (patch) | |
tree | e12f4bc19b3bab3c5e99e79f098b9f8e35ad0b62 /cipher/keccak_permute_64.h | |
parent | 3c04b692de1e7b45b764ff8d66bf84609b012e3a (diff) | |
download | libgcrypt-9c828129b2058c3f36e07634637929a54e8377ee.tar.gz |
keccak: Use size_t to avoid integer overflow
* cipher/keccak-armv7-neon.S: Fix function name in comment and change
parameter type to size_t.
* cipher/keccak.c (keccak_ops_t): Change absorb function signature to
use size_t.
(keccak_absorb_lanes64_avx512): Change nlanes type to size_t.
(_gcry_keccak_absorb_lanes64_armv7_neon): Ditto.
(keccak_absorb_lanes64_armv7_neon): Ditto.
(keccak_absorb_lanes32bi): Ditto.
(keccak_absorb_lanes32bi_bmi2): Ditto.
(keccak_write): Change nlanes variable to use size_t and avoid
overflow when calculating count.
* cipher/keccak_permute_64.h (KECCAK_F1600_ABSORB_FUNC_NAME): Change
nlanes argument to use size_t.
--
Any input to the SHA3 functions > 4GB was giving wrong result when it
was invoked in one-shot, while working correctly when it was fed by
chunks. It turned out that the calculation in the `keccak_write`
overflows the `unsigned int` type (`nlanes * 8` does not fit 32b when
the `inlen` > 4GB).
GnuPG-bug-id: 6217
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'cipher/keccak_permute_64.h')
-rw-r--r-- | cipher/keccak_permute_64.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/cipher/keccak_permute_64.h b/cipher/keccak_permute_64.h index b28c871e..45ef462f 100644 --- a/cipher/keccak_permute_64.h +++ b/cipher/keccak_permute_64.h @@ -292,7 +292,7 @@ KECCAK_F1600_PERMUTE_FUNC_NAME(KECCAK_STATE *hd) static unsigned int KECCAK_F1600_ABSORB_FUNC_NAME(KECCAK_STATE *hd, int pos, const byte *lanes, - unsigned int nlanes, int blocklanes) + size_t nlanes, int blocklanes) { unsigned int burn = 0; |